+Vithursa Mahendrarajah <vithu...@wso2.com> On Mon, Aug 12, 2019 at 5:26 PM Sanjeewa Malalgoda <sanje...@wso2.com> wrote:
> > > On Thu, Aug 8, 2019 at 9:08 PM Malintha Amarasinghe <malint...@wso2.com> > wrote: > >> When we return a 404, it implies that the URL (or the resource) does not >> exist. Here the URL/resource is */validate-role *(a controller resource) >> which always exists so it is wrong to return a 404 at any case. >> > Yes agree with this and controller resource(as query params optional > controller resource will be resource) is not ideal for this. > Using head would be good option. Like nirmal mentioned any additional > parameters related to filter criteria can be passed as query parameters. > > Thanks, > sanjeewa/ > >> >> Thanks! >> >> On Thu, Aug 8, 2019 at 7:12 PM Menaka Jayawardena <men...@wso2.com> >> wrote: >> >>> Hi Naduni, >>> >>> Wh the GET request always returns 200? >>> Can't we set the status code 404 if the role is not found? So we can >>> check the response status from the UI. We do not want to read the body then. >>> >>> >>> >>> On Thu, Aug 8, 2019 at 6:05 PM Naduni Pamudika <nad...@wso2.com> wrote: >>> >>>> Hi All, >>>> >>>> Thanks all for the suggestions. With the GET method @Bhathiya >>>> Jayasekara <bhath...@wso2.com> suggested, we have the following 2 >>>> options now. >>>> >>>> 1. *HEAD /roles/{roleName}* >>>> 2. *GET /validate-role?role=rolename* >>>> >>>> >>>> If we go with the option 1, it will simplify the work in the UI side >>>> while doing the role validations by using the Rest API since we can do the >>>> validation by looking at the status code (If the role exists it is a 200 >>>> and if not it is a 404). If we go with the option 2, it will always return >>>> a 200 status code and we need to check the response body to validate a >>>> particular role name (We can send *isRoleExist=true* and >>>> *isRoleExist=false* in the response body depending on the existence of >>>> a role name). >>>> >>>> Since most of us are +1 with the option 2, shall we move forward with >>>> the GET method? >>>> >>>> Thanks, >>>> Naduni >>>> >>>> On Wed, Aug 7, 2019 at 7:27 PM Bhathiya Jayasekara <bhath...@wso2.com> >>>> wrote: >>>> >>>>> >>>>> >>>>> On Wed, Aug 7, 2019 at 6:24 PM Malintha Amarasinghe < >>>>> malint...@wso2.com> wrote: >>>>> >>>>>> >>>>>> >>>>>> On Wed, Aug 7, 2019 at 3:39 PM Harsha Kumara <hars...@wso2.com> >>>>>> wrote: >>>>>> >>>>>>> >>>>>>> >>>>>>> On Wed, Aug 7, 2019 at 3:37 PM Malintha Amarasinghe < >>>>>>> malint...@wso2.com> wrote: >>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Wed, Aug 7, 2019 at 3:35 PM Harsha Kumara <hars...@wso2.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Let's say if someone wants to check existence of role foo in user >>>>>>>>> store TEST. He will do a call /roke/TEST/foo which isn't valid request >>>>>>>>> right? >>>>>>>>> >>>>>>>> @Harsha Kumara <hars...@wso2.com> we need to URL encode the role >>>>>>>> name. The request will become /roles/TEST%2Ffoo >>>>>>>> >>>>>>> Yes that's true. Again some customers might have different letters >>>>>>> in their role names. Might note be a good idea to include as a path >>>>>>> parameter. >>>>>>> >>>>>> Even if we add as a query param, that will go as part of the URL >>>>>> which might lead to similar issues? We may need to test this for query >>>>>> parameters as well. >>>>>> >>>>>> I preferred the HEAD method due to the simpleness ( only need to >>>>>> respond with 204 or 404 without any payload based on the availability of >>>>>> the role) and RESTfulness (consider a role as a resource and do a fetch >>>>>> on >>>>>> it in the usual way). HEAD is the usual way for checking the existence >>>>>> of a >>>>>> resource. However, we do not have the need for implementing a GET here >>>>>> for >>>>>> now. >>>>>> >>>>> >>>>> This is actually my worry is. I don't think we'll ever have to give a >>>>> /roles/{role} in the publisher APIs. So having a HEAD without a GET feels >>>>> strange to me. Maybe it's just me. >>>>> >>>>> Thanks, >>>>> Bhathiya >>>>> >>>>> >>>>>> >>>>>> >>>>>> >>>>>>>> >>>>>>>>> >>>>>>>>> On Wed, Aug 7, 2019 at 3:33 PM Mushthaq Rumy <musht...@wso2.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> Adding [Architecture] >>>>>>>>>> >>>>>>>>>> On Wed, Aug 7, 2019 at 3:30 PM Mushthaq Rumy <musht...@wso2.com> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> Since we will be UserStoreManager, this should cover the >>>>>>>>>>> secondary user stores as well. >>>>>>>>>>> >>>>>>>>>>> Thanks & Regards, >>>>>>>>>>> Mushthaq >>>>>>>>>>> >>>>>>>>>>> On Wed, Aug 7, 2019 at 3:28 PM Harsha Kumara <hars...@wso2.com> >>>>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>>> What happen if the role is from secondary user store? >>>>>>>>>>>> >>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:24 PM Naduni Pamudika <nad...@wso2.com> >>>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hi All, >>>>>>>>>>>>> >>>>>>>>>>>>> We are planning to add a REST API endpoint to APIM 3.0 >>>>>>>>>>>>> Publisher Rest APIs and the intention is to check the existence >>>>>>>>>>>>> of a >>>>>>>>>>>>> particular role name. This will be used in order to manage roles >>>>>>>>>>>>> when >>>>>>>>>>>>> enabling Publisher Access Control and Store Visibility and when >>>>>>>>>>>>> adding >>>>>>>>>>>>> Scopes. >>>>>>>>>>>>> >>>>>>>>>>>>> The swagger definition for the new endpoint would be as >>>>>>>>>>>>> follows. >>>>>>>>>>>>> >>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>> # The Role Name Existence >>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>> /roles/{roleName}: >>>>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>>>> # The role name existence check resource >>>>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>>>> head: >>>>>>>>>>>>> security: >>>>>>>>>>>>> - OAuth2Security: >>>>>>>>>>>>> - apim:api_view >>>>>>>>>>>>> summary: | >>>>>>>>>>>>> Check given role name is already exist >>>>>>>>>>>>> description: | >>>>>>>>>>>>> Using this operation, you can check a given role >>>>>>>>>>>>> name is already used. You need to provide the role name you want >>>>>>>>>>>>> to check. >>>>>>>>>>>>> parameters: >>>>>>>>>>>>> - $ref : '#/parameters/roleName' >>>>>>>>>>>>> responses: >>>>>>>>>>>>> 200: >>>>>>>>>>>>> description: | >>>>>>>>>>>>> OK. >>>>>>>>>>>>> Requested role name is returned. >>>>>>>>>>>>> 404: >>>>>>>>>>>>> description: | >>>>>>>>>>>>> Not Found. >>>>>>>>>>>>> Requested role name does not exist. >>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>> # Role Name >>>>>>>>>>>>> roleName: >>>>>>>>>>>>> name: roleName >>>>>>>>>>>>> in: path >>>>>>>>>>>>> description: | >>>>>>>>>>>>> The role name >>>>>>>>>>>>> required: true >>>>>>>>>>>>> type: string >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> It is a HEAD method (*/roles/{roleName}*) which will return a >>>>>>>>>>>>> 200 status code if the given role name exists and a 404 status >>>>>>>>>>>>> code if the >>>>>>>>>>>>> give role name is not found. Sample requests and responses are >>>>>>>>>>>>> given below. >>>>>>>>>>>>> >>>>>>>>>>>>> Request: >>>>>>>>>>>>> HEAD >>>>>>>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/valid-role >>>>>>>>>>>>> HTTP/1.1 >>>>>>>>>>>>> Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 >>>>>>>>>>>>> >>>>>>>>>>>>> Response: >>>>>>>>>>>>> HTTP/1.1 200 OK >>>>>>>>>>>>> Connection: keep-alive >>>>>>>>>>>>> Content-Length: 0 >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Request: >>>>>>>>>>>>> HEAD >>>>>>>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/invalid-role >>>>>>>>>>>>> HTTP/1.1 >>>>>>>>>>>>> Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8 >>>>>>>>>>>>> >>>>>>>>>>>>> Response: >>>>>>>>>>>>> HTTP/1.1 404 Not Found >>>>>>>>>>>>> Connection: keep-alive >>>>>>>>>>>>> Content-Length: 0 >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Are we good to have the endpoint definition as this? >>>>>>>>>>>>> Appreciate your inputs to proceed further. >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks, >>>>>>>>>>>>> Naduni >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc. >>>>>>>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) >>>>>>>>>>>>> nad...@wso2.com >>>>>>>>>>>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> >>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>> >>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>> >>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Mushthaq Rumy >>>>>>>>>>> *Senior Software Engineer* >>>>>>>>>>> Mobile : +94 (0) 779 492140 >>>>>>>>>>> Email : musht...@wso2.com >>>>>>>>>>> WSO2, Inc.; http://wso2.com/ >>>>>>>>>>> lean . enterprise . middleware. >>>>>>>>>>> >>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Mushthaq Rumy >>>>>>>>>> *Senior Software Engineer* >>>>>>>>>> Mobile : +94 (0) 779 492140 >>>>>>>>>> Email : musht...@wso2.com >>>>>>>>>> WSO2, Inc.; http://wso2.com/ >>>>>>>>>> lean . enterprise . middleware. >>>>>>>>>> >>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> >>>>>>>>> *Harsha Kumara* >>>>>>>>> >>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>> Mobile: +94775505618 >>>>>>>>> Email: hars...@wso2.coim >>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>> >>>>>>>>> GET INTEGRATION AGILE >>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Malintha Amarasinghe >>>>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>>>> http://wso2.com/ >>>>>>>> >>>>>>>> Mobile : +94 712383306 >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> *Harsha Kumara* >>>>>>> >>>>>>> Technical Lead, WSO2 Inc. >>>>>>> Mobile: +94775505618 >>>>>>> Email: hars...@wso2.coim >>>>>>> Blog: harshcreationz.blogspot.com >>>>>>> >>>>>>> GET INTEGRATION AGILE >>>>>>> Integration Agility for Digitally Driven Business >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Malintha Amarasinghe >>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>> http://wso2.com/ >>>>>> >>>>>> Mobile : +94 712383306 >>>>>> >>>>> >>>>> >>>>> -- >>>>> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. >>>>> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com >>>>> >>>>> >>>>> >>>> >>>> -- >>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc. >>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) nad...@wso2.com >>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>> >>>> >>> >>> -- >>> >>> *Menaka Jayawardena* >>> Senior Software Engineer | WSO2 Inc. >>> +94 71 350 5470 | +94 76 717 2511 | men...@wso2.com >>> >>> <https://wso2.com/signature> >>> >>> >> >> -- >> Malintha Amarasinghe >> *WSO2, Inc. - lean | enterprise | middleware* >> http://wso2.com/ >> >> Mobile : +94 712383306 >> > > > -- > *Sanjeewa Malalgoda* > Software Architect | Associate Director, Engineering - WSO2 Inc. > (m) +94 712933253 | (e) sanje...@wso2.com | (b) Blogger > <http://sanjeewamalalgoda.blogspot.com>, Medium > <https://medium.com/@sanjeewa190> > > GET INTEGRATION AGILE <https://wso2.com/signature> > Integration Agility for Digitally Driven Business > -- *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc. (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) nad...@wso2.com [image: http://wso2.com/signature] <http://wso2.com/signature>
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture